My goal here is to collect sources that are useful for privacy focused engineers, with a focus on sources that have concrete advice.
I recommend ignoring my descriptions and just reading the posts I link to.
Blogs
Apple Security
Exemplary post: CSAM Detection
Apple is the best of the FAANG companies at technical privacy. Their security blog in particular is a great resource for understanding how they build secure systems. They also occasionally publish whitepapers on their privacy features.
Robert Graham
Exemplary post: SSN# are only mostly unique
Robert Graham has a great mix of technical knowledge and contrarianism. It's surprising how often he'll point out that a widely reported story is totally wrong.
Robert Graham on Substack Twitter
Neil Brown / Decoded Legal
Exemplary post: CCTV or IP cameras outside your home, and the (UK) GDPR. It's easier than you think[1].
Neil Brown is a UK based lawyer who writes about data protection and privacy. His blog decoded.legal is a great resource for understanding the legal side of data protection, especially in the UK and EU. His personal blog neilzone.co.uk is a mix of privacy, technical content, and whatever Neil is up to.
[1] It' much more complicated than I thought.
Damien Desfontaines
Exemplary post: What anonymization techniques can you trust?
Damien used to lead the anonymization team at Google, and now runs a privacy focused consultancy.